Karan Idnani's Blog
#Day38:Getting Started with AWS Basicsโ˜

#Day38:Getting Started with AWS Basicsโ˜

Karan Idnani's photo
Karan Idnani
ยท

6 min read

Amazon Web Services (AWS) is like a vast playground for businesses and developers in the cloud computing world. ๐ŸŒ Whether you're a startup, an enterprise, or an individual, AWS provides a wide range of services to meet your computing, storage, database, analytics, and machine learning needs, just to name a few! ๐Ÿš€

What is AWS?

๐Ÿค– AWS, an Amazon subsidiary, is the most popular and widely used cloud service provider globally. It offers a scalable, reliable, and cost-effective cloud computing platform that allows you to focus on building your applications rather than managing infrastructure. ๐Ÿ’ผ

Here are some key AWS services :

  1. EC2 (Elastic Compute Cloud): ๐Ÿ–ฅ๏ธ - Think of it as your virtual server in the cloud.

  2. S3 (Simple Storage Service): โ˜๏ธ - Your cloud-based storage solution.

  3. RDS (Relational Database Service): ๐Ÿ—ƒ๏ธ - Database management made easy.

  4. Lambda: ๐Ÿค– - Serverless computing at your fingertips.

  5. SNS (Simple Notification Service): ๐Ÿ“ข - Keep your users in the loop.

  6. SQS (Simple Queue Service): ๐Ÿ’Œ - Efficient message queuing for your apps.

IAM - The Guardian of AWS Resources

Now, let's talk about AWS Identity and Access Management (IAM). ๐Ÿ›ก๏ธ

IAM is like the gatekeeper of your AWS resources. It allows you to control who can access your resources and what actions they can perform. ๐Ÿ”‘

Here's how IAM works:

  • Users: ๐Ÿ™‹โ€โ™‚๏ธ๐Ÿ™‹โ€โ™€๏ธ - IAM allows you to create and manage users who need access to AWS.

  • Groups: ๐Ÿง‘โ€๐Ÿคโ€๐Ÿง‘ - You can organize users into groups, making it easier to assign permissions.

  • Roles: ๐Ÿงญ - IAM roles are used to grant permissions to AWS services and resources.

  • Policies: ๐Ÿ“œ - Policies define permissions and can be attached to users, groups, or roles.

  • MFA (Multi-Factor Authentication): ๐Ÿ”’ - Add an extra layer of security with MFA.

IAM ensures the principle of least privilege, meaning users and services have only the permissions necessary to perform their tasks. This minimizes the risk of unauthorized access or accidental changes. ๐Ÿ‘ฎ

Why is IAM Important?

Imagine giving everyone access to your AWS account without restrictions. Chaos, right? IAM ensures that doesn't happen. It helps you:

  • Enhance Security: ๐Ÿ” Protect your AWS resources from unauthorized access.

  • Compliance: ๐Ÿ“œ Meet regulatory requirements by controlling access.

  • Least Privilege: ๐Ÿšซ Only grant the necessary permissions to avoid accidents.

  • Audit Trails: ๐Ÿ“Š Keep track of who did what in your AWS account.

  • Manage Resources: ๐Ÿ“ฆ Organize users and resources efficiently.

In conclusion, AWS is a versatile cloud platform offering a wide range of services, while IAM helps you maintain control and security over your resources. Together, they empower you to harness the full potential of the cloud while keeping your data and applications safe. โ˜๏ธ๐Ÿ”

Task1:

Create an IAM user with username of your own wish and grant EC2 Access. Launch your Linux instance through the IAM user that you created now and install jenkins and docker on your machine via single Shell Script.

Here are the general steps to accomplish this task:

Step 1: Create an IAM User

  1. Log in to the AWS Management Console.

  2. Navigate to the IAM (Identity and Access Management) dashboard.

  3. Click on "Users" in the left-hand navigation pane.

  4. Click the "Create User" button.

  5. Enter a username of your choice.

  6. Select the "Programmatic access" checkbox to enable programmatic access.

  7. Attach an existing policy or create a custom policy with EC2 access.

  8. Review the user details and click "Create user."

  9. Make note of the Access Key ID and Secret Access Key for this user.

Step 2: Launch an EC2 Instance

  1. Navigate to the EC2 dashboard.

  2. Click "Launch Instance" to create a new EC2 instance.

  3. Choose an Amazon Machine Image (AMI) with your preferred Linux distribution.

  4. Select an instance type.

  5. Configure the instance details, including the IAM role you created in the previous step.

  6. Add storage and configure other details as needed.

  7. Review and launch the instance.

Step 3: SSH into the EC2 Instance

  1. Once the instance is running, SSH into it using the private key associated with the key pair you selected during instance creation.

Example:

 ssh -i "aws_demo_iam.pem" ubuntu@ec2-34-238-39-47.compute-1.amazonaws.com

Step 4: Create and Run a Shell Script

  1. Create a shell script (e.g., install_jenkins_docker.sh) on the EC2 instance using a text editor such as nano or vim.

  2. Add the following script to the file to install Jenkins and Docker:

#!/bin/bash

# Update the package list
sudo apt-get update -y

# Install Jenkins
sudo apt-get install -y openjdk-8-jdk
wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
sudo apt-get update -y
sudo apt-get install -y jenkins

# Install Docker
sudo apt-get install -y docker.io

# Start Jenkins and Docker services
sudo systemctl start jenkins
sudo systemctl enable jenkins
sudo systemctl start docker
sudo systemctl enable docker

# Add the current user to the docker group to run Docker without sudo
sudo usermod -aG docker $(whoami)

# Clean up
sudo apt-get clean

  1. Save and exit the text editor.

  2. Make the script executable:

chmod +x install_jenkins_docker.sh
  1. Execute the script to install Jenkins and Docker:
./install_jenkins_docker.sh

The script will install Jenkins, Docker, and configure them on your EC2 instance. After the script completes, you should be able to access Jenkins from your instance's public IP address and port 8080 in a web browser. Remember to configure security settings and access controls for Jenkins according to your requirements.

Task2:

In this task you need to prepare a devops team of avengers. Create 3 IAM users of avengers and assign them in devops groups with IAM policy.

  1. Log in to your AWS Management Console.

  2. Navigate to the IAM service.

  3. Click on "Users" in the left navigation pane.

  4. Click "Add user."

  5. Enter the usernames of the IAM users.

  6. Select "Programmatic access" and "AWS Management Console access" as access types.

  7. Choose "Autogenerated password" or "Custom password" to set initial passwords.

  8. Uncheck the "User must create a new password at next sign-in" option (if you set a custom password).

  9. Choose "Add user to group" and Create the "DevOps" group

  10. Search for and attach relevant policies to the group. For DevOps access, you might attach policies like "AmazonEC2FullAccess," "AmazonS3FullAccess," "AmazonRDSFullAccess," etc.

  11. Review and create the group.

  12. Now, Review and create the users.

  13. Now, each user is associated with a specific DevOps group with the necessary IAM policies. You can add more users by clicking โ€œcreate usersโ€ from Users.

    In summary, AWS users and groups are fundamental components for managing access and security within Amazon Web Services. Careful configuration and adherence to the principle of least privilege are crucial for maintaining a secure environment. AWS offers robust tools like IAM and Organizations for efficient user and group management. As more organizations embrace AWS, mastering these aspects is vital for data and resource protection.

#90daysofdevopsAWSIAM
ย